Rules of engagement
Document program scope, auth accounts, forbidden payloads, rate limits, and reporting channel before automation.
Use case
Automate bounty research only inside a clean, authorized scope.
Use the planner to separate owned programs, allowed test classes, forbidden actions, rate limits, and evidence requirements before a run.
PoC evidence
Capture reproducible exploit evidence without disclosing secrets, user data, or third-party systems.
Human review
A paid workflow can include a review checklist before submitting any bounty report.
Method boundary
This page helps plan authorized testing. It does not run Strix, attack targets, or verify vulnerabilities. Full workflow generation is gated by the pricing page.